ad2bc5be6907a40342a3421529067fd2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad2bc5be6907a40342a3421529067fd2_JaffaCakes118
Size

216KB
MD5

ad2bc5be6907a40342a3421529067fd2
SHA1

1379553790f51760744c42d64397a203eba897d3
SHA256

30099a412d1bd05e2a662945b0a1ccd3d195aee58ca041dc160cf06ddfd9c217
SHA512

d43b676d257abf421d9ff1c106d7ffd838084107109e0078579ae907a972de4e0a5de314c9025efc52bd3fa2774c88f0f4099a634f8985c9d6ae36f7a460a9a0
SSDEEP

1536:gUHPjyfx8GvGWlWADm/o/bNwfhukRsohKwvxJ8KY4RH:gUH7p/YmA/5wd+elkKY4RH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad2bc5be6907a40342a3421529067fd2_JaffaCakes118

Files

ad2bc5be6907a40342a3421529067fd2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5eb8a5782dd0037f2dfaf0abbc8431c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize

advapi32

EqualPrefixSid
GetSecurityDescriptorGroup

ntdll

memset

ws2_32

htonl

pdh

PdhExpandWildCardPathHW

shell32

SHGetFileInfoA

user32

EndMenu
GetDialogBaseUnits
GetMessageExtraInfo
GetWindowThreadProcessId
GetCapture
CreatePopupMenu
MessageBoxIndirectA

kernel32

HeapFree
GetEnvironmentStringsW
CreateTimerQueue
lstrlenA
GetCommandLineA
GetDateFormatA
GetSystemInfo
GetConsoleCursorInfo
GetFileAttributesW
IsProcessorFeaturePresent

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 826B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ